CVE-2021-43810
Published 2021-12-07
Priority: P3 (40) · Severity: medium · CVSS 3.1 base score: 6.1
Exploit likelihood (EPSS): 5.78% (92.2nd percentile)
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable of executing malicious scripts. This issue is patched in version 4.0.12.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| admidio | admidio | < 4.0.12 | 4.0.12 |
Detection & IOCs (extracted from sources)
- Send a GET request to /adm_program/system/redirect.php with the url parameter set to javascript://%250aalert(document.domain); a vulnerable response returns HTTP 200 with Content-Type text/html and a body containing 'please click '
- Match the response body for the string 'please click ' to confirm the XSS reflection point in redirect.php
- Confirm the response Content-Type header is text/html alongside the body match to reduce false positives
- The vulnerability is only present in Admidio versions prior to 4.0.12; version 4.0.12 and later are patched
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | CVSS 3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| NVD | CVSS 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
No advisories linked to this vulnerability.
No detection rules found.
Nuclei template: CVE-2021-43810 [MEDIUM] Admidio - Cross-Site Scripting (CVSS 6.1)
A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable of executing malicious scripts.
Template:
id: CVE-2021-43810

info:
  name: Admidio - Cross-Site Scripting
  author: gy741
  severity: medium
  description: A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts.
  impact: |
    Successful exploitation of this vulne
No writeups or analysis indexed.
References
- https://github.com/Admidio/admidio/commit/c043267d362f7813543cc2785119bf3e3e54fe21
- https://github.com/Admidio/admidio/commit/fcb0609abc1d2f65bc1377866bd678e5d891404b
- https://github.com/Admidio/admidio/releases/tag/v4.0.12
- https://github.com/Admidio/admidio/security/advisories/GHSA-3qgf-qgc3-42hh